JunOS Local Security Checks : Juniper Networks Junos OS SRX RTSP DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.106062

Categoría: JunOS Local Security Checks

Título: Juniper Networks Junos OS SRX RTSP DoS Vulnerability

Resumen: Junos OS on SRX Series is prone to a Denial of Service vulnerability;in flowd.

Descripción: Summary:
Junos OS on SRX Series is prone to a Denial of Service vulnerability
in flowd.

Vulnerability Insight:
On all SRX-Series devices, when the RTSP ALG is enabled, a certain
crafted RTSP packet might cause the flowd process to crash, halting or interrupting traffic from flowing
through the device. RTSP ALG is enabled by default on branch SRX platforms and disabled by default on
high-end SRX platforms.

Vulnerability Impact:
A network based attacker can cause a denial of service condition.

Affected Software/OS:
Junos OS 12.1, 12.3 and 15.1

Solution:
New builds of Junos OS software are available from Juniper. As
a workaround disable RTSP ALG services.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-1262
http://www.securitytracker.com/id/1035108

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.106062
Categoría:	JunOS Local Security Checks
Título:	Juniper Networks Junos OS SRX RTSP DoS Vulnerability
Resumen:	Junos OS on SRX Series is prone to a Denial of Service vulnerability;in flowd.
Descripción:	Summary: Junos OS on SRX Series is prone to a Denial of Service vulnerability in flowd. Vulnerability Insight: On all SRX-Series devices, when the RTSP ALG is enabled, a certain crafted RTSP packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device. RTSP ALG is enabled by default on branch SRX platforms and disabled by default on high-end SRX platforms. Vulnerability Impact: A network based attacker can cause a denial of service condition. Affected Software/OS: Junos OS 12.1, 12.3 and 15.1 Solution: New builds of Junos OS software are available from Juniper. As a workaround disable RTSP ALG services. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1262 http://www.securitytracker.com/id/1035108
Copyright	Copyright (C) 2016 Greenbone AG